/**
 * Reads the signing-time signed attribute of a CMS signer.
 *
 * <p>The returned value is the time the signer declared in its own signed attributes.
 * It is not a timestamp from a time-stamping authority, and this method performs no
 * signature verification, so the value is only as trustworthy as the signer.
 *
 * <p>Only the first attribute value is read. The size of the value set is not checked
 * and extra values are not rejected, so an empty or malformed value surfaces as an
 * unchecked exception from the ASN.1 accessors rather than as {@code null}.
 *
 * @param signer the signer whose signed attributes are inspected
 * @return the declared signing time, or {@code null} when the signer has no signed
 *         attributes or no signing-time attribute
 */
public static Date getSignatureTime(SignerInformation signer) {
    AttributeTable signedAttributes = signer.getSignedAttributes();
    if (signedAttributes == null) {
        return null;
    }

    Attribute signingTimeAttr = signedAttributes.get(CMSAttributes.signingTime);
    if (signingTimeAttr == null) {
        return null;
    }

    // First value only; see the note above about unchecked set size.
    Time declaredTime = Time.getInstance(
            signingTimeAttr.getAttrValues().getObjectAt(0).toASN1Primitive());
    return declaredTime.getDate();
}
/**
 * Verify that the given certificate successfully handles and confirms the
 * signature associated with this signer and, if a signingTime attribute is
 * available, that the certificate was valid at the time the signature was
 * generated.
 * <p>
 * The validity check uses the signing time declared by the signer. When no
 * signingTime attribute is present, no validity-period check is made at all.
 * Nothing in this method builds a certification path or consults revocation
 * data; the certificate's public key is handed straight to doVerify, so
 * deciding whether the certificate itself is trusted is left to the caller.
 *
 * @param cert the certificate whose public key is used for verification.
 * @param sigProvider the provider passed through to doVerify.
 * @return the result of doVerify for the certificate's public key.
 * @throws CertificateExpiredException if the certificate had expired at the declared signing time.
 * @throws CertificateNotYetValidException if the certificate was not yet valid at the declared signing time.
 * @throws CMSException if the signing-time attribute cannot be read.
 * @deprecated use verify(ContentVerifierProvider)
 */
public boolean verify(
    X509Certificate cert,
    Provider        sigProvider)
    throws NoSuchAlgorithmException,
        CertificateExpiredException, CertificateNotYetValidException,
        CMSException
{
    final Time declaredSigningTime = getSigningTime();

    // The validity window is only checked when the signer declared a time.
    if (declaredSigningTime != null)
    {
        final Date declaredDate = declaredSigningTime.getDate();
        cert.checkValidity(declaredDate);
    }

    return doVerify(cert.getPublicKey(), sigProvider);
}
/**
 * Verify that the given verifier can successfully verify the signature on
 * this SignerInformation object.
 * <p>
 * If the verifier carries an associated certificate and the signer declared a
 * signing time, the certificate must be valid on that date. The date is the
 * signer's own claim. When either the certificate or the signing time is
 * absent, no validity-period check is made before the signature check.
 *
 * @param verifier a suitably configured SignerInformationVerifier.
 * @return true if the signer information is verified, false otherwise.
 * @throws org.bouncycastle.cms.CMSVerifierCertificateNotValidException if the verifier has an
 *         associated certificate and the certificate is not valid at the time given as the
 *         SignerInfo's signing time.
 * @throws org.bouncycastle.cms.CMSException if the signing-time attribute cannot be read, or if
 *         verification cannot be set up.
 */
public boolean verify(SignerInformationVerifier verifier)
    throws CMSException
{
    // Read first: a present signing-time attribute has to be well formed
    // even when the verifier has no certificate to check it against.
    final Time declaredSigningTime = getSigningTime();

    if (verifier.hasAssociatedCertificate() && declaredSigningTime != null)
    {
        final X509CertificateHolder verifierCert = verifier.getAssociatedCertificate();
        final boolean validAtSigningTime = verifierCert.isValidOn(declaredSigningTime.getDate());

        if (!validAtSigningTime)
        {
            throw new CMSVerifierCertificateNotValidException("verifier not valid at signingTime");
        }
    }

    return doVerify(verifier);
}
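/**
 * Extracts the signing-time signed attribute as a Time.
 *
 * @return the parsed signing time, or null when getSingleValuedSignedAttribute
 *         returns null for the attribute.
 * @throws CMSException if the attribute value is not a valid Time structure, or
 *         if getSingleValuedSignedAttribute itself fails.
 */
private Time getSigningTime() throws CMSException
{
    ASN1Primitive validSigningTime = getSingleValuedSignedAttribute(
        CMSAttributes.signingTime, "signing-time");

    if (validSigningTime == null)
    {
        return null;
    }

    try
    {
        return Time.getInstance(validSigningTime);
    }
    catch (IllegalArgumentException e)
    {
        // Keep the parser's exception as the cause so that a malformed
        // signing-time value can be diagnosed from the stack trace.
        throw new CMSException("signing-time attribute value not a valid 'Time' structure", e);
    }
}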
/**
 * Builds the CMS signed-attribute set: content-type, optional signing-time,
 * message-digest and a signing-certificate-v2 attribute.
 *
 * <p>The signing-certificate-v2 attribute carries a SHA-256 hash of the signer
 * certificate's encoding, so the certificate reference becomes part of the signed
 * attributes. The certificate identifier built here holds only the hash algorithm
 * and the hash; no issuer/serial element is added.
 *
 * @param hash     digest of the content, stored as the message-digest attribute
 * @param dateTime signing time to declare, or {@code null} to omit the attribute;
 *                 the value is whatever the caller supplies
 * @param cert     signer certificate to reference
 * @return the signed attributes as a DER set
 * @throws Exception if the certificate cannot be encoded or hashing fails
 */
private static ASN1Set buildSignedAttributes(byte[] hash, Date dateTime, X509Certificate cert) throws Exception {
    ASN1EncodableVector attributes = new ASN1EncodableVector();

    attributes.add(new Attribute(CMSAttributes.contentType, new DERSet(PKCSObjectIdentifiers.data)));
    if (dateTime != null) {
        attributes.add(new Attribute(CMSAttributes.signingTime, new DERSet(new Time(dateTime))));
    }
    attributes.add(new Attribute(CMSAttributes.messageDigest, new DERSet(new DEROctetString(hash))));

    // CAdES: certificate identifier = { hashAlgorithm, certHash }.
    // NOTE(review): the algorithm identifier is built with a null parameters argument and
    // SHA-256 is written out explicitly; confirm the verifiers in use accept this encoding.
    ASN1EncodableVector certIdFields = new ASN1EncodableVector();
    certIdFields.add(new AlgorithmIdentifier(
            new ASN1ObjectIdentifier(CMSSignedDataGenerator.DIGEST_SHA256), null));
    certIdFields.add(new DEROctetString(
            SignUtils.calculateHASH(CMSSignedDataGenerator.DIGEST_SHA256, cert.getEncoded())));

    // Three nested sequences: the identifier, the list of identifiers, the attribute value.
    DERSequence certId = new DERSequence(certIdFields);
    DERSequence certIdList = new DERSequence(certId);
    DERSequence signingCertificate = new DERSequence(certIdList);
    attributes.add(new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2,
            new DERSet(signingCertificate)));

    return new DERSet(attributes);
}
/**
 * Returns the creation date of the signature as declared by the signer.
 * THIS IS NOT A TIMESTAMP: the value is the signing-time signed attribute,
 * not a token from a time-stamping authority.
 *
 * <p>Returns {@code null} when getCertificadoAssinante() throws, when there are no
 * signed attributes, or when the signing-time attribute is absent. Any failure of
 * getCertificadoAssinante() is swallowed, so a caller cannot tell "no signing time"
 * apart from "signer certificate could not be obtained".
 *
 * @return the declared signing date, or {@code null}
 * @see Date
 */
public Date getDataAssinatura() {
    // Used only as a gate; the result is discarded.
    // NOTE(review): presumably this resolves the signer certificate; it is not shown here.
    try {
        getCertificadoAssinante();
    } catch (Exception e) {
        return null;
    }

    AttributeTable signedAttributes = signerInfo.getSignedAttributes();
    if (signedAttributes == null) {
        return null;
    }

    Attribute signingTimeAttr = signedAttributes.get(CMSAttributes.signingTime);
    if (signingTimeAttr == null) {
        return null;
    }

    // Only the first value is read; the size of the value set is not checked.
    Time declaredTime = Time.getInstance(
            signingTimeAttr.getAttrValues().getObjectAt(0).getDERObject());
    return declaredTime.getDate();
}
/**
 * Builds an S/MIME signed multipart for {@code msg}, signed with the private key of
 * {@code _signKP} under the given signature algorithm name.
 *
 * <p>Both {@code _signCert} and {@code _origCert} are included in the generated
 * message. When {@code signingTime} is non-null it is added as the signing-time
 * signed attribute, so the declared time is whatever the caller passes in.
 *
 * @param algorithm   signature algorithm name handed to the signer-info builder
 * @param msg         body part to sign
 * @param signingTime signing time to declare, or {@code null} to add none here
 * @param micalgs     map passed to the SMIMESignedGenerator constructor
 * @return the signed multipart
 * @throws Exception if any step of the generation fails
 */
private MimeMultipart generateMultiPartRsa(
    String algorithm,
    MimeBodyPart msg,
    Date signingTime,
    Map micalgs)
    throws Exception
{
    List includedCerts = new ArrayList();
    includedCerts.add(_signCert);
    includedCerts.add(_origCert);
    Store certStore = new JcaCertStore(includedCerts);

    ASN1EncodableVector attrs = generateSignedAttributes();
    if (signingTime != null)
    {
        Time declaredTime = new Time(signingTime);
        attrs.add(new Attribute(CMSAttributes.signingTime, new DERSet(declaredTime)));
    }

    SMIMESignedGenerator generator = new SMIMESignedGenerator(micalgs);

    JcaSimpleSignerInfoGeneratorBuilder signerBuilder = new JcaSimpleSignerInfoGeneratorBuilder()
        .setProvider(BC)
        .setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(attrs)));
    generator.addSignerInfoGenerator(signerBuilder.build(algorithm, _signKP.getPrivate(), _signCert));

    generator.addCertificates(certStore);

    return generator.generate(msg);
}
/**
 * Builds an S/MIME signed multipart for {@code msg} using RSA-PSS: the signature
 * algorithm name is {@code digest + "withRSAandMGF1"}.
 *
 * <p>Both {@code _signCert} and {@code _origCert} are included in the generated
 * message. When {@code signingTime} is non-null it is added as the signing-time
 * signed attribute, so the declared time is whatever the caller passes in.
 *
 * @param digest      digest name used as the prefix of the signature algorithm name
 * @param msg         body part to sign
 * @param signingTime signing time to declare, or {@code null} to add none here
 * @return the signed multipart
 * @throws Exception if any step of the generation fails
 */
private MimeMultipart generateMultiPartRsaPSS(
    String digest,
    MimeBodyPart msg,
    Date signingTime)
    throws Exception
{
    List includedCerts = new ArrayList();
    includedCerts.add(_signCert);
    includedCerts.add(_origCert);
    Store certStore = new JcaCertStore(includedCerts);

    ASN1EncodableVector attrs = generateSignedAttributes();
    if (signingTime != null)
    {
        Time declaredTime = new Time(signingTime);
        attrs.add(new Attribute(CMSAttributes.signingTime, new DERSet(declaredTime)));
    }

    SMIMESignedGenerator generator = new SMIMESignedGenerator();

    JcaSimpleSignerInfoGeneratorBuilder signerBuilder = new JcaSimpleSignerInfoGeneratorBuilder()
        .setProvider(BC)
        .setSignedAttributeGenerator(new AttributeTable(attrs));
    generator.addSignerInfoGenerator(
        signerBuilder.build(digest + "withRSAandMGF1", _signKP.getPrivate(), _signCert));

    generator.addCertificates(certStore);

    return generator.generate(msg);
}
/**
 * Builds an S/MIME signed multipart for {@code msg}, signed with the private key of
 * {@code _signKP} and the given digest OID, using the "BC" provider throughout.
 *
 * <p>Both {@code _signCert} and {@code _origCert} are included in the generated
 * message. When {@code signingTime} is non-null it is added as the signing-time
 * signed attribute, so the declared time is whatever the caller passes in.
 *
 * @param digestOid   digest algorithm OID handed to addSigner
 * @param msg         body part to sign
 * @param signingTime signing time to declare, or {@code null} to add none here
 * @param micalgs     map passed to the SMIMESignedGenerator constructor
 * @return the signed multipart
 * @throws Exception if any step of the generation fails
 */
private MimeMultipart generateMultiPartRsa(
    String digestOid,
    MimeBodyPart msg,
    Date signingTime,
    Map micalgs)
    throws Exception
{
    List includedCerts = new ArrayList();
    includedCerts.add(_signCert);
    includedCerts.add(_origCert);

    CollectionCertStoreParameters storeParams = new CollectionCertStoreParameters(includedCerts);
    CertStore certStore = CertStore.getInstance("Collection", storeParams, "BC");

    ASN1EncodableVector attrs = generateSignedAttributes();
    if (signingTime != null)
    {
        Time declaredTime = new Time(signingTime);
        attrs.add(new Attribute(CMSAttributes.signingTime, new DERSet(declaredTime)));
    }

    SMIMESignedGenerator generator = new SMIMESignedGenerator(micalgs);

    // NOTE(review): the trailing null is presumably the unsigned-attribute table; confirm
    // against the addSigner overload in use.
    AttributeTable signedAttrTable = new AttributeTable(attrs);
    generator.addSigner(_signKP.getPrivate(), _signCert, digestOid, signedAttrTable, null);
    generator.addCertificatesAndCRLs(certStore);

    return generator.generate(msg, "BC");
}
/**
 * Builds an S/MIME signed multipart for {@code msg} using
 * {@code SMIMESignedGenerator.ENCRYPTION_RSA_PSS} with the given digest OID, using
 * the "BC" provider throughout.
 *
 * <p>Both {@code _signCert} and {@code _origCert} are included in the generated
 * message. When {@code signingTime} is non-null it is added as the signing-time
 * signed attribute, so the declared time is whatever the caller passes in.
 *
 * @param digestOid   digest algorithm OID handed to addSigner
 * @param msg         body part to sign
 * @param signingTime signing time to declare, or {@code null} to add none here
 * @return the signed multipart
 * @throws Exception if any step of the generation fails
 */
private MimeMultipart generateMultiPartRsaPSS(
    String digestOid,
    MimeBodyPart msg,
    Date signingTime)
    throws Exception
{
    List includedCerts = new ArrayList();
    includedCerts.add(_signCert);
    includedCerts.add(_origCert);

    CollectionCertStoreParameters storeParams = new CollectionCertStoreParameters(includedCerts);
    CertStore certStore = CertStore.getInstance("Collection", storeParams, "BC");

    ASN1EncodableVector attrs = generateSignedAttributes();
    if (signingTime != null)
    {
        Time declaredTime = new Time(signingTime);
        attrs.add(new Attribute(CMSAttributes.signingTime, new DERSet(declaredTime)));
    }

    SMIMESignedGenerator generator = new SMIMESignedGenerator();

    // NOTE(review): the trailing null is presumably the unsigned-attribute table; confirm
    // against the addSigner overload in use.
    AttributeTable signedAttrTable = new AttributeTable(attrs);
    generator.addSigner(_signKP.getPrivate(), _signCert, SMIMESignedGenerator.ENCRYPTION_RSA_PSS,
        digestOid, signedAttrTable, null);
    generator.addCertificatesAndCRLs(certStore);

    return generator.generate(msg, "BC");
}
/**
 * Reads the signer-declared signing time, accepting it only when the signed
 * attributes hold exactly one signing-time attribute with exactly one value.
 *
 * <p>A missing attribute, duplicated attributes, and an empty or multi-valued
 * attribute all yield {@code null}; the caller cannot tell these cases apart. The
 * value is the signer's own claim, and no signature verification happens here.
 *
 * @param signerInformation the signer whose signed attributes are inspected
 * @return the declared signing time, or {@code null} as described above
 */
private LocalDateTime getSigningTime(final SignerInformation signerInformation) {
    final AttributeTable signedAttributes = signerInformation.getSignedAttributes();
    if (signedAttributes == null) {
        return null;
    }

    final ASN1EncodableVector signingTimeAttributes = signedAttributes.getAll(CMSAttributes.signingTime);
    if (signingTimeAttributes.size() != 1) {
        return null;
    }

    final ASN1Set attributeValues = ((Attribute) signingTimeAttributes.get(0)).getAttrValues();
    if (attributeValues.size() != 1) {
        return null;
    }

    // NOTE(review): the LocalDateTime is built from a java.util.Date, so the result has no
    // zone of its own; confirm which time zone the conversion applies.
    final Time declaredTime = Time.getInstance(attributeValues.getObjectAt(0).toASN1Primitive());
    return new LocalDateTime(declaredTime.getDate());
}